The results presented in this study explored the inherent correlation biases found in widely used computer vision models, which were leveraged to create images that these systems failed to interpret correctly.
First Published 9th May 2021
The reversing engineer.
3 min read | 27 min video | Reflare Research Team
In a collaborative research project between Reflare and Deloitte, we exploited common associations between objects—like dogs and frisbees—to mislead algorithms into misidentifications. Our research team employed sophisticated techniques involving RetinaNet, YOLOv3, and TinyYOLOv3 trained on the COCO dataset to generate these deceptive images. We combined objects that these systems recognised with certainty with backgrounds they barely understood, effectively camouflaging the intended target.
Moreover, we demonstrated that these adversarial images were not just theoretical but practical, achieving a 90% success rate in deceiving leading commercial computer vision systems, tested across 1,000 images. These findings hold significant implications for the security of computer vision applications and their future development and refinement.
Watch the presentation below to see how adversarial images were designed, tested, and validated in real-world scenarios. This confirms their effectiveness in bypassing some of the most advanced visual recognition technologies today.
This is essential viewing for professionals in tech, security, and AI, providing critical insights into the vulnerabilities of current systems and how they can be safeguarded against emerging threats.